From Compliance to Good Corporate Governance
Tuesday, 19 June 2007
Samina Rizwan
THE Securities and Exchange Commission (SEC) of Bangladesh in January, 2006 the Guidelines of Corporate Governance for publicly listed companies. The guidelines along with the best practices and regulations of the Companies Act 1994 (Amended), the Banking Companies Act, 1991 (Amended), the Financial Institutions Act, 1993, the Securities and Exchange Commission Act 1993, the Securities and Exchange Ordinance 1969, and other industry specific regulatory authorities including Bangladesh Bank, Bangladesh Energy Regulatory Authority, Bangladesh Telecommunications Regulatory Authority, Department of Insurance etc., form a strong framework for good corporate governance in the country. However, does good corporate governance mean added expenses for a corporation? Can good corporate governance drive better business results?
"The number of board members of the company should not be less that five and more than 20 with a view to enabling access to diverse expertise and meaningful discussion….All companies should encourage effective representation of independent non-shareholder directors on their Board of Directors so that Board as a group includes core competences considered relevant in the context of each company……The position of chairman of the Board and the Chief Executive Officer of the companies should be filled different individuals…..The Board of Directors should clearly define respective roles and responsibilities of the Chairman and the Chief Executive Officer."
This is an extract from the Order related to Corporate Governance (January 9, 2006) by the SEC of Bangladesh.
Good corporate governance leads to better corporate performance management. It can help companies regain control of their businesses, increase organisational credibility and remove barriers throughout the enterprise. It leads to better business results.
As more and more Bangladeshi companies feed into the global supply chain, understanding of, and adherence to global compliance norms have become essential. This puts even more pressure on the companies' internal information gathering and processing system. Global companies need to understand what is facing them. There are several country- and region- specific compliance regulations - Sarbanes Oxley in the US, the EU's Action Plan for Company Law and March 17 2004 Anti-Fraud Directive proposal, Germany's Cromme Kodex, Britain's Cadbury-Turnbull, Australia's AIX Code, and Italy's Borsa Italiana Code, to name just a few.
While the number of compliance required of a successful global business may sound overwhelming, there are fundamental similarities between these laws:
o All of them require managements to be accountable to stakeholders.
o All require companies to establish a reliable information system that allows them to report the organisation's financial health using international standards and comply with local legislation and good corporate governance practices.
o And all require company management to articulate internal controls and manage the risks of financial reporting error and loss.
When a company faces regulatory compliance code, it is essential to go beyond the "checklist" of regional reporting mandates. Those that will benefit from compliance will do so by creating a pervasive and permanent "culture of compliance" throughout the organisation. From the top down, companies must set the tone and "play by the rules." This means taking measures to ensure the sales force doesn't come under unreasonable pressure to augment the numbers. It means making sure the accountants don't view "cutting edge" accounting as a euphemism for outfoxing the regulatory bodies. And it means assuring managers that they will never be asked to exert pressure woman employee, customer, or supplier to bend the rules.
Business executives who look at the broad picture of what regulations are designed to do often recognise best business practices. The new focus on control and visibility opens up avenues for business process improvement in several ways. Documenting business processes creates a body of easily shared and enforced organisational knowledge. Visibility and transparency in reporting bring timely, accurate information - moving companies toward a "daily close" - that lets executives manage with today's facts rather than last month's information. Visibility also helps identify non-compliance and break- downs in processes.
To traverse from mere compliance to good corporate governance and active corporate performance management, businesses need to focus on
- strategic goal setting and alignment,
- planning, budgeting, forecasting and modelling, and
- operational analytics, reporting and consolidation.
Cost of Compliance: In 2004 several market research organisations estimated that it cost American companies between US$ 3.1 million and US$ 16 million to comply with Sarbanes Oxley. Executives responding to a Price water house Coopers "Management Barometer" study (November 2004) said they expect their companies to increase their compliance spending by an average of 9.9 per cent during the next 12 to 24 months. (CFO, 11/29/04). A survey of almost 270 board directors at U.S. companies released by RHR International and Directorship magazine found that companies shelled out an average of $16 million on Sarbanes Oxley compliance, up 77 per cent from the previous year. (CFO, 11/29/04)
Compliance Challenges: The greatest compliance challenges faced by companies are:
1. Multiple Regulations - Proliferation of regulatory, legislative, and industry mandates compete for resources
2. Business Changes - Changes in people and processes complicate documentation, training, and security.
3. The Human Factor - Inconsistent employee knowledge and understanding of policies, procedures, and ethical standards increase compliance risk.
4. Reliance on Manual Controls - Manual internal controls are more costly and less reliable than automated controls
5. Data Fragmentation- Disparate systems and processes multiply potential points of failure, make record retrieval difficult, and increase audit costs.
6. Short Deadlines-Ad hoc approach costs companies more than a strategic solution.
When you think about compliance strategically, you'll find common business requirements across multiple mandates, and there are a number of information technology components that can help address these overlapping needs.
Sound Controls Improve Business Practices: Although compliance may no longer be a choice for many companies (it has become a necessity for doing business), it can be a two-way street - one that boosts investor confidence while fostering leaner, more agile business processes and more profitable operations. Companies can leverage the rules of corporate performance management as a benchmark to articulate and consciously redesign the way they do business.
While regulatory, legal compliance typically applies to public companies, many private firms now view compliance as a considerable benefit, if not a requirement, to stay competitive. Companies with plans to go public or those looking to be acquired need to pre-emptively establish and articulate internal controls and financial reporting practices. Even companies that rely on lenders or venture capital must now demonstrate effective governance practices and financial transparency in order to gain funding. Beyond this, many private and non-profit companies have established compliance programme simply because they see it as good business.
Using technology for better corporate governance: The tougher part of the compliance challenge for most organisations are not in finance - it is in technology systems. A study by Ernst & Young found that virtually all the companies surveyed placed significant reliance on controls in some or all parts of their businesses to reduce the risk of inaccurate financial reporting.
If the systems supporting the company's daily transactions are not controlled properly, it may give a distorted picture of the company's performance results. Many companies today operate in environments that make this distortion of reality all too easy. For instance, companies often operate varying systems to support different parts of the business - from Customer Relationship Management (CRM) to financials to manufacturing. Inaccuracies can result from data that is poorly managed as it passes through these multiple applications.
Establishing a compliant environment by unifying information technology(IT) operations with integrated application suites improves control, reduces overall cost and increases the assurance of data quality. Further, with a unified technology model, companies gain an accurate and timely picture of business data, enabling better decisions and faster response to change.
How good information systems help:
l Reduces points of failure and reconciliation with unified data model
l Automates all processes and business flows
l Helps adopt self-service making business transactions faster and error free
Sophisticated IT systems that are standards based and talk easily to each other allow companies to process their data to arrive at critical business information that not only enables companies to comply with regulatory requirements, it also allows companies to take better informed business decision. Sophisticated information systems therefore lead to smarter businesses.
Conclusion: Regulatory compliance is no longer a choice for companies conducting business on a global scale. Further, regulatory compliance and good corporate governance will stay in the spotlight for the foreseeable future. However, embracing the spirit of these requirements - ethical corporate governance and reliable, timely reporting - can ultimately prove less expensive than grudgingly complying with the letter of the law. In fact, it can deliver measurable bottom-line results, leading to sound corporate performance management and good corporate governance. Strategic companies will distinguish themselves by transforming regulatory compliance into corporate excellence.
The writer is Regional Director for Oracle Corporation's South Asia Growth
THE Securities and Exchange Commission (SEC) of Bangladesh in January, 2006 the Guidelines of Corporate Governance for publicly listed companies. The guidelines along with the best practices and regulations of the Companies Act 1994 (Amended), the Banking Companies Act, 1991 (Amended), the Financial Institutions Act, 1993, the Securities and Exchange Commission Act 1993, the Securities and Exchange Ordinance 1969, and other industry specific regulatory authorities including Bangladesh Bank, Bangladesh Energy Regulatory Authority, Bangladesh Telecommunications Regulatory Authority, Department of Insurance etc., form a strong framework for good corporate governance in the country. However, does good corporate governance mean added expenses for a corporation? Can good corporate governance drive better business results?
"The number of board members of the company should not be less that five and more than 20 with a view to enabling access to diverse expertise and meaningful discussion….All companies should encourage effective representation of independent non-shareholder directors on their Board of Directors so that Board as a group includes core competences considered relevant in the context of each company……The position of chairman of the Board and the Chief Executive Officer of the companies should be filled different individuals…..The Board of Directors should clearly define respective roles and responsibilities of the Chairman and the Chief Executive Officer."
This is an extract from the Order related to Corporate Governance (January 9, 2006) by the SEC of Bangladesh.
Good corporate governance leads to better corporate performance management. It can help companies regain control of their businesses, increase organisational credibility and remove barriers throughout the enterprise. It leads to better business results.
As more and more Bangladeshi companies feed into the global supply chain, understanding of, and adherence to global compliance norms have become essential. This puts even more pressure on the companies' internal information gathering and processing system. Global companies need to understand what is facing them. There are several country- and region- specific compliance regulations - Sarbanes Oxley in the US, the EU's Action Plan for Company Law and March 17 2004 Anti-Fraud Directive proposal, Germany's Cromme Kodex, Britain's Cadbury-Turnbull, Australia's AIX Code, and Italy's Borsa Italiana Code, to name just a few.
While the number of compliance required of a successful global business may sound overwhelming, there are fundamental similarities between these laws:
o All of them require managements to be accountable to stakeholders.
o All require companies to establish a reliable information system that allows them to report the organisation's financial health using international standards and comply with local legislation and good corporate governance practices.
o And all require company management to articulate internal controls and manage the risks of financial reporting error and loss.
When a company faces regulatory compliance code, it is essential to go beyond the "checklist" of regional reporting mandates. Those that will benefit from compliance will do so by creating a pervasive and permanent "culture of compliance" throughout the organisation. From the top down, companies must set the tone and "play by the rules." This means taking measures to ensure the sales force doesn't come under unreasonable pressure to augment the numbers. It means making sure the accountants don't view "cutting edge" accounting as a euphemism for outfoxing the regulatory bodies. And it means assuring managers that they will never be asked to exert pressure woman employee, customer, or supplier to bend the rules.
Business executives who look at the broad picture of what regulations are designed to do often recognise best business practices. The new focus on control and visibility opens up avenues for business process improvement in several ways. Documenting business processes creates a body of easily shared and enforced organisational knowledge. Visibility and transparency in reporting bring timely, accurate information - moving companies toward a "daily close" - that lets executives manage with today's facts rather than last month's information. Visibility also helps identify non-compliance and break- downs in processes.
To traverse from mere compliance to good corporate governance and active corporate performance management, businesses need to focus on
- strategic goal setting and alignment,
- planning, budgeting, forecasting and modelling, and
- operational analytics, reporting and consolidation.
Cost of Compliance: In 2004 several market research organisations estimated that it cost American companies between US$ 3.1 million and US$ 16 million to comply with Sarbanes Oxley. Executives responding to a Price water house Coopers "Management Barometer" study (November 2004) said they expect their companies to increase their compliance spending by an average of 9.9 per cent during the next 12 to 24 months. (CFO, 11/29/04). A survey of almost 270 board directors at U.S. companies released by RHR International and Directorship magazine found that companies shelled out an average of $16 million on Sarbanes Oxley compliance, up 77 per cent from the previous year. (CFO, 11/29/04)
Compliance Challenges: The greatest compliance challenges faced by companies are:
1. Multiple Regulations - Proliferation of regulatory, legislative, and industry mandates compete for resources
2. Business Changes - Changes in people and processes complicate documentation, training, and security.
3. The Human Factor - Inconsistent employee knowledge and understanding of policies, procedures, and ethical standards increase compliance risk.
4. Reliance on Manual Controls - Manual internal controls are more costly and less reliable than automated controls
5. Data Fragmentation- Disparate systems and processes multiply potential points of failure, make record retrieval difficult, and increase audit costs.
6. Short Deadlines-Ad hoc approach costs companies more than a strategic solution.
When you think about compliance strategically, you'll find common business requirements across multiple mandates, and there are a number of information technology components that can help address these overlapping needs.
Sound Controls Improve Business Practices: Although compliance may no longer be a choice for many companies (it has become a necessity for doing business), it can be a two-way street - one that boosts investor confidence while fostering leaner, more agile business processes and more profitable operations. Companies can leverage the rules of corporate performance management as a benchmark to articulate and consciously redesign the way they do business.
While regulatory, legal compliance typically applies to public companies, many private firms now view compliance as a considerable benefit, if not a requirement, to stay competitive. Companies with plans to go public or those looking to be acquired need to pre-emptively establish and articulate internal controls and financial reporting practices. Even companies that rely on lenders or venture capital must now demonstrate effective governance practices and financial transparency in order to gain funding. Beyond this, many private and non-profit companies have established compliance programme simply because they see it as good business.
Using technology for better corporate governance: The tougher part of the compliance challenge for most organisations are not in finance - it is in technology systems. A study by Ernst & Young found that virtually all the companies surveyed placed significant reliance on controls in some or all parts of their businesses to reduce the risk of inaccurate financial reporting.
If the systems supporting the company's daily transactions are not controlled properly, it may give a distorted picture of the company's performance results. Many companies today operate in environments that make this distortion of reality all too easy. For instance, companies often operate varying systems to support different parts of the business - from Customer Relationship Management (CRM) to financials to manufacturing. Inaccuracies can result from data that is poorly managed as it passes through these multiple applications.
Establishing a compliant environment by unifying information technology(IT) operations with integrated application suites improves control, reduces overall cost and increases the assurance of data quality. Further, with a unified technology model, companies gain an accurate and timely picture of business data, enabling better decisions and faster response to change.
How good information systems help:
l Reduces points of failure and reconciliation with unified data model
l Automates all processes and business flows
l Helps adopt self-service making business transactions faster and error free
Sophisticated IT systems that are standards based and talk easily to each other allow companies to process their data to arrive at critical business information that not only enables companies to comply with regulatory requirements, it also allows companies to take better informed business decision. Sophisticated information systems therefore lead to smarter businesses.
Conclusion: Regulatory compliance is no longer a choice for companies conducting business on a global scale. Further, regulatory compliance and good corporate governance will stay in the spotlight for the foreseeable future. However, embracing the spirit of these requirements - ethical corporate governance and reliable, timely reporting - can ultimately prove less expensive than grudgingly complying with the letter of the law. In fact, it can deliver measurable bottom-line results, leading to sound corporate performance management and good corporate governance. Strategic companies will distinguish themselves by transforming regulatory compliance into corporate excellence.
The writer is Regional Director for Oracle Corporation's South Asia Growth